Schneider Electric Accutech Manager

Plan PatchCVSS 7.5ICS-CERT ICSA-24-354-06Aug 13, 2024

Schneider ElectricEnergy

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric Accutech Manager versions 2.08.01 and earlier contain a buffer overflow vulnerability (CWE-120) that allows an unauthenticated remote attacker to exhaust system resources and cause a denial of service. The Accutech Manager is a configuration and monitoring application for Accutech Wireless sensor devices used to manage distributed sensing infrastructure. Successful exploitation results in resource exhaustion and loss of availability of the monitoring software, preventing operators from managing connected sensors.

What this means

What could happen

An unauthenticated attacker on the network could send requests that exhaust Accutech Manager resources, causing the monitoring and configuration software to become unavailable and potentially blocking operators from managing wireless sensor devices.

Who's at risk

Energy sector operators using Schneider Electric Accutech Manager to configure and monitor Accutech Wireless sensor devices. This includes utilities managing wireless sensors for remote asset monitoring or distributed sensing applications.

How it could be exploited

An attacker with network access to the Accutech Manager application could send specially crafted requests that trigger resource exhaustion (likely a buffer overflow or similar flaw per CWE-120). No authentication or user interaction is needed. The attack would cause the application to consume excessive CPU, memory, or connections, rendering it unresponsive.

Prerequisites

Network access to Accutech Manager on its listening port
No authentication required
Accutech Manager version 2.08.01 or earlier must be running

remotely exploitableno authentication requiredlow complexityaffects monitoring and control availability

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

Accutech Manager≤ 2.08.012.10.0

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGRestrict network access to Accutech Manager by placing it behind a firewall and allowing connections only from authorized engineering workstations or configuration devices

HARDENINGIf remote access to Accutech Manager is required, implement a VPN and ensure it is kept up to date

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Schneider Electric Accutech Manager to version 2.10.0 or later

Long-term hardening

0/1

HARDENINGIsolate the Accutech Manager system and wireless sensor network from internet-facing networks and business networks

CVEs (1)

CVE-2024-6918

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/b123257c-a0af-44bc-8c49-8f30a23d8ebd

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.